This forum is now a read-only archive. All commenting, posting, registration services have been turned off. Those needing community support and/or wanting to ask questions should refer to the Tag/Forum map, and to http://spring.io/questions for a curated list of stackoverflow tags that Pivotal engineers, and the community, monitor.

should show the button only if the current user has WRITE permissions.

Problem: The button is always there, so filtering does not seem to work.

What I found out:
1. The reference to the Model Object via the Handler is working and shown correctly in Firebug.
2. Filtering the same request via @Secured Annotation in the Handler works.
3. We rewrote some parts of the ACL default classes, as shown in the configuration below. But these should work fine ( see Nr. 2 )
4. There are no exceptions or anything, the site just loads and shows the button.
5. As far as I can tell the tag is simply not used. While debugging neither the relevant Voter nor the AccessDecisionManager are reached.
6. As a sidenote: we use SpringSecurity for some time, it`s just the ACL thats new to the system.

Conclusion?
I think our configuration is lacking somehow,but I can`t find it.
So here is it: